The glossary provides brief definitions of common security phrases and terminologies your team should know.
Access control regulates who can view, use, or modify resources, balancing security and usability to protect data and maintain operational integrity.
Access Control List (ACL) is a security mechanism that specifies permissions for accessing resources, defining who can or cannot perform certain actions.
Active Directory (AD) is a Microsoft service used for managing networked resources, providing authentication and authorization.
Address Space Layout Randomization (ASLR) is a security technique that randomizes the memory addresses used by a process, so an attacker cannot rely on predictable locations when attempting exploitation.
The Advanced Encryption Standard (AES) is a robust symmetric encryption standard used worldwide for protecting sensitive electronic data.
Advanced Persistent Threat (APT) is a sustained, sophisticated cyberattack aimed at stealing information or espionage from specific targets.
Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK) is a framework detailing cyber adversaries' methods and behaviors for informed defense.
Air gapping is a security measure isolating a computer or network, physically disconnecting it from external networks for enhanced protection.
Amazon Web Services (AWS) Security comprises measures to protect data, applications, and services within the AWS cloud environment.
Anomaly Detection is a technique used to identify unusual patterns or behaviors that deviate significantly from the standard or expected behavior.
The Antimalware Scan Interface (AMSI) is a Windows interface that integrates applications with anti-malware products, enabling real-time scanning of scripts and in-memory content for malicious activity.
Antivirus software is a program that detects, prevents, and removes malware from your computer or network.
API Security involves protecting application programming interfaces (APIs) from threats and vulnerabilities in the interconnected digital ecosystem.
The Application Layer is the topmost layer in the OSI model, where network applications and user processes occur, interfacing directly with users.
An API Token is a unique identifier used for authentication, allowing secure communication between different software applications.
Application security refers to the measures and practices taken to protect software applications from unauthorized access, vulnerabilities, and potential threats.
Application Security Testing assesses software for vulnerabilities, ensuring protection against cyber threats.
The Application Security Verification Standard (ASVS) is a framework by OWASP ensuring robust security controls in web applications.
Assessment and Authorization refer to evaluating software security measures and determining access permissions respectively, ensuring system integrity.
Asset Management in application security involves identifying, prioritizing, and monitoring software assets to reduce risk and enhance security.
An attack surface is the sum of potential vulnerabilities that can be exploited by unauthorized users to infiltrate a system or network.
An attack vector is a path or method used by a hacker to breach a computer system's security to deliver a malicious outcome.
Attribute-Based Access Control (ABAC) is a security approach using attributes (user, action, resource traits) to grant or deny system access.
The Australian Prudential Regulation Authority (APRA) oversees the stability of Australia's financial system, regulating its banking, insurance, and superannuation sectors.
Authentication is the process of verifying the identity of a user, device, or entity to grant access to a system or resource.
Authorization is the process of granting or denying access to resources or information based on predefined rules or permissions.
Behavior-Based Security is a proactive approach that detects threats by identifying anomalies from the normal behavior of a system.
"Big Game Hunting" in cybersecurity refers to targeted attacks on high-value entities for significant payouts or strategic advantages.
Blacklisting is a security measure blocking known harmful entities such as IP addresses, URLs, or software from system access.
A Blue Team is a group responsible for defending an organization's informational assets from cyber threats and breaches.
Bot management involves identifying, categorizing and responding to automated web traffic to mitigate risks and protect network resources.
The Brazilian General Data Protection Law (LGPD) is Brazil's regulation for protecting personal data, akin to Europe's GDPR.
Breach & Attack Simulation (BAS) is a proactive approach to test cybersecurity defenses by continuously simulating real-world cyber threats.
A "Breaking Change" is an alteration in software that disrupts existing functionality, potentially causing issues in dependent code or systems.
A brute force attack is a trial-and-error method used to obtain information such as passwords, using exhaustive input attempts.
Buffer Overflow is a flaw where excessive data written into a buffer can overflow it, leading to code execution or system crash scenarios.
A Bug Bounty Program is an initiative that rewards individuals for identifying and reporting software vulnerabilities.
Build Automation is the process of automating tasks in software development such as compiling code, running tests, and deployment.
A build system compiles and links source code into executable software, automating processes for consistency and efficiency in software development.
The Building Security In Maturity Model (BSIMM) is a framework to assess and improve an organization's software security practices.
A bundler is a tool that combines and optimizes multiple web development files and dependencies into fewer, streamlined output files for efficient loading.
A Business Continuity Plan (BCP) is a strategy that ensures critical business operations continue during a disruption.
Business Email Compromise (BEC) is a scam where cybercriminals spoof or hack business emails to conduct unauthorized transactions or steal information.
Business Impact Analysis (BIA) assesses potential effects of disruptions on business operations and processes to strategize and mitigate risks.
The California Consumer Privacy Act (CCPA) is a California law giving residents more control over their personal data, including the right to know what is collected and to opt out of its sale.
A Canary Release is a deployment strategy where new software versions are rolled out to a small subset of users before a full release.
The Capability Maturity Model (CMM) is a structured methodology for improving processes and ensuring product quality across five maturity levels.
Capture the Flag (CTF) is a cybersecurity competition where participants solve security tasks ranging from puzzles to complex problems.
The "Center for Internet Security (CIS)" is a non-profit that offers cybersecurity best practices and guidelines to ensure system security.
Certificate Authority (CA) is a trusted entity that issues and manages digital certificates to verify identities over a network.
The Certified Cloud Security Professional (CCSP) is a global certification from (ISC)² that validates expertise in securing cloud environments.
Certified Information Systems Auditor (CISA) is a globally recognized ISACA certification for IT professionals, validating expertise in auditing, controlling, and assuring information systems.
The Certified Information Systems Security Professional (CISSP) is a globally recognized advanced-level certification for IT security professionals.
Chain of Custody refers to the documented process that proves the integrity of data from collection through to presentation.
Change Management is the process of managing and adapting to changes in an organization to minimize disruption and maximize efficiency.
A changelog is a chronological record detailing notable changes made to software, aiding in transparency, trust, and security.
A Chief Information Security Officer (CISO) is a senior executive responsible for developing and implementing strategies to protect an organization's information assets and technologies.
Clickjacking is a web attack that deceives users by overlaying or hiding elements, tricking them into unknowingly clicking on malicious content or performing unintended actions.
A Cloud Access Security Broker (CASB) is a tool that sits between users and cloud providers to enforce security policies, ensuring data safety.
The Cloud Controls Matrix (CCM) is a cybersecurity framework by the Cloud Security Alliance, providing standardized security controls for cloud providers.
Cloud Detection and Response (CDR) identifies and manages threats in cloud environments, ensuring data integrity and swift incident remediation.
Cloud Infrastructure Entitlement Management (CIEM) manages user and service permissions in cloud environments to prevent misuse and enhance security.
Cloud Native Application Protection Platforms (CNAPP) secure cloud-native apps by combining dynamic and static analysis with real-time monitoring.
Cloud Security is a set of policies, controls, and technologies used to protect data, applications, and infrastructure in the cloud.
The Cloud Security Alliance (CSA) promotes best practices and education for secure cloud computing, addressing challenges and evolving threats.
Cloud Security Posture Management (CSPM) ensures optimal security configurations in cloud environments, reducing risks and ensuring compliance.
Cloud Workload Protection ensures security for data, applications, and workloads in cloud environments against threats and vulnerabilities.
A Cloud Workload Protection Platform (CWPP) secures dynamic cloud workloads, safeguarding applications and data from potential threats and vulnerabilities.
A code commit is the process of submitting changes to a version control system, marking the evolution of software projects.
Code Coverage measures the extent to which source code is tested, indicating which parts are executed by tests, helping identify untested areas.
Code Injection is a security vulnerability that allows attackers to introduce malicious code into a program, altering its execution.
Code obfuscation is a method used to make source code harder to understand or reverse engineer, thus enhancing software security.
Code repositories are storage spaces where developers store and manage their source code, enabling version control, collaboration, and code reuse.
Code Review is the systematic examination of source code for error detection and improvement of coding practices.
Code signing is the process of digitally signing executables or scripts, validating the software author and ensuring code hasn't been altered.
Codebase refers to the whole set of source code that builds an application, including its dependencies and components.
A Collection Management Framework (CMF) is a structured approach to manage, organize, and secure software assets and dependencies.
Command & Control (C2) is a cybersecurity term for mechanisms attackers use to communicate with and control compromised systems in a target network.
Common Attack Pattern Enumeration and Classification (CAPEC) is a catalog detailing and categorizing common methods adversaries use to exploit system vulnerabilities.
Common Criteria is an international standard for evaluating the security features of IT products to ensure government-approved security levels.
The Common Security Advisory Framework (CSAF) 2.0 is a standardized method for disclosing and communicating security vulnerabilities consistently.
Common Vulnerabilities and Exposures (CVE) is a list of publicly disclosed security flaws in software, providing a standardized identifier for each vulnerability.
The Common Vulnerability Reporting Framework (CVRF) is a standardized method for sharing vulnerability-related information efficiently.
The Common Vulnerability Score (CVS) is a standardized metric to assess the severity of software vulnerabilities, aiding in prioritization.
Common Vulnerability Scoring System (CVSS) is a framework used to assess and rate the severity of security vulnerabilities in software or systems.
Common Weakness Enumeration (CWE) is a community-developed list of common software and hardware weakness types, used to identify and mitigate vulnerabilities.
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a system used to distinguish human from machine input, typically to thwart spam and automated data extraction.
Compliance refers to ensuring the software components and dependencies adhere to legal and regulatory standards.
Compliance auditing is the process of checking if a company adheres to its stated policies, regulations, and industry standards.
The term "Computer Emergency Response Team" (CERT) represents a group of experts responsible for managing and responding to cybersecurity incidents.
The CIA triad in cybersecurity stands for Confidentiality, Integrity, and Availability: three core principles essential for protecting data.
Configuration Management is the process of systematically managing, organizing, and controlling changes in a system's components throughout its lifecycle.
Container Security ensures the integrity of containerized applications, safeguarding them from vulnerabilities and threats.
Containerization is the method of encapsulating an application in a container with its own operating environment for consistent execution.
A Content Security Policy (CSP) is a security feature that helps to prevent malicious attacks, such as cross-site scripting (XSS) and data injection attacks.
Continuous Deployment is a strategy that automates the delivery of software changes to production after passing a series of automated tests.
Continuous Integration is a development practice where developers merge code changes frequently to detect integration issues early and ensure code quality.
Continuous Security Assessment (CSA) integrates ongoing security evaluations into the software development process to identify and address vulnerabilities.
A contributor in application security aids in project development, ensuring that security is integrated at every stage, from code to documentation.
Controlled Access Protection Profile (CAPP) is a standardized security benchmark ensuring IT products maintain data confidentiality and integrity.
CORS policy controls how resources are accessed from different origins in a web app, defining what's permitted by the server.
Cross Frame Scripting (XFS) is an attack where a malicious site displays content from another site within a frame, leading to threats like phishing and impersonation.
Cross-Origin Resource Sharing (CORS) is a browser security feature allowing web pages from one origin to safely request resources from another origin.
Cross-Site Request Forgery (CSRF) is an attack that tricks users into executing unwanted actions on authenticated web sessions.
Cross-Site Request Forgery (CSRF) DoS is a web attack that misuses authenticated sessions to flood a target, disrupting its service.
Cross-Site Scripting (XSS) is a vulnerability that allows attackers to inject malicious scripts into webpages viewed by other users.
Cryptanalysis is the study of deciphering encrypted data and breaching cryptographic systems without knowing the encryption key.
Cryptographic Security involves using cryptographic protocols to protect information and communications through encoding to ensure confidentiality.
Cyber Asset Attack Surface Management (CAASM) is the strategy of identifying, assessing, and securing vulnerabilities in an organization's digital assets.
Cyber criminals are individuals or groups who use technology to commit illegal activities, often targeting digital systems and data.
Cyber hygiene refers to routine practices to maintain system health and improve online security against digital threats.
Cyber Resilience is the ability to withstand, respond to, and recover from cyber threats while ensuring business continuity.
Cyber Supply Chain Risk Management (CSCRM) is the process of identifying, assessing, and mitigating risks in the digital supply chain.
Cyber Threat Intelligence is the process of gathering and analyzing information about potential attacks to prevent and mitigate cybersecurity risks.
Cybersecurity is the practice of protecting networks, devices, and data from digital attacks, damage, or unauthorized access.
The Cybersecurity and Infrastructure Security Agency (CISA) is a US agency safeguarding critical infrastructure from physical and cyber threats.
A Cybersecurity Framework is a set of guidelines to identify, protect, detect, respond, and recover from cyber threats, bolstering software security.
Cybersecurity Maturity Model Certification (CMMC) is a unified standard for cybersecurity to protect U.S. Defense Department data.
Cyberwarfare is the use of digital attacks by nations or groups to disrupt, damage, or gain unauthorized access to an adversary's computer systems.
Dark Web Monitoring involves the surveillance of darknet markets and forums to detect leaked sensitive data or potential threats.
Data at rest refers to inactive data stored on various mediums, often a target for cyber threats if not properly secured.
A Data Breach is an incident where unauthorized individuals access and extract sensitive, protected, or confidential data.
Data classification is the process of organizing data into categories based on its type, sensitivity, and relevance for efficient management and security.
Data Detection & Response (DDR) is a proactive security strategy for identifying and managing digital threats in real-time.
The Data Encryption Standard (DES) is a symmetric-key method for encrypting data, widely used in the 1970s-1990s.
Data Execution Prevention (DEP) is a security feature that differentiates memory areas for storage vs. code execution, preventing unauthorized code runs.
Data in transit refers to digital information being transferred from one location to another over networks, making it vulnerable to threats.
Data in Use refers to data currently being processed, either by an application, a system, or a user, and is temporarily stored in memory.
Data Loss Prevention (DLP) is a strategy for ensuring sensitive or critical information is not leaked, lost, or accessed without authorization.
Data masking is a technique that replaces sensitive information with fictional yet realistic data to protect it during software testing.
Data Protection involves implementing measures to safeguard information from corruption, compromise, or loss, ensuring its confidentiality and integrity.
Data sanitization is the process of irreversibly removing or modifying data to prevent unauthorized access and data breaches.
Data Security Posture Management (DSPM) is an approach to continuously optimize an organization's data security strategies and compliance.
A dedicated leak site is a platform designed to disclose or share sensitive information, often from data breaches or whistleblowers.
Denial of Service (DoS) is an attack aiming to make a system or network resource unavailable to its intended users, disrupting services.
Dependency Confusion is a cybersecurity attack that exploits software dependencies, causing package managers to install malicious packages.
A Dependency Graph in software development is a visual representation of interdependencies between different modules or packages.
"Dependency Hell" refers to complications arising from conflicting software dependencies, creating issues with functionality and security.
Dependency management is the process of handling, tracking, and controlling the external libraries or packages a software project relies on.
Dependency Scanning is a security practice that identifies and alerts about vulnerabilities in software dependencies, helping to mitigate potential risks.
A deployment pipeline automates software delivery, integrating continuous integration and delivery processes for faster, secure releases.
DevSecOps integrates security practices into the DevOps process, facilitating early detection and remediation of security risks in software development.
A dictionary attack is a technique for defeating a cipher or authentication mechanism by trying a list of likely possibilities.
A Digital Certificate is an electronic document using PKI to verify the identity of a user or device, thereby ensuring secure communication.
Digital Forensics involves scientifically proven methods to collect, process, and interpret digital evidence, often used in cybercrime investigations.
Digital Signature is a cryptographic method used to verify the authenticity and integrity of a digital message or document.
Disaster Recovery Planning (DRP) is a strategy to recover and protect a business IT infrastructure in the event of a disaster.
Distributed Denial of Service (DDoS) is an attack from multiple sources aiming to overwhelm a network or service, causing unavailability.
DNS over HTTPS (DoH) encrypts DNS queries, enhancing privacy and security, but poses challenges in network monitoring and may shift internet governance.
Docker is an open-source platform that packages, distributes, and manages applications in lightweight containers for isolated, replicable computing environments.
The DOM (Document Object Model) is a programming interface for web documents, representing a page's structure as a tree of objects.
Domain Name System Security Extensions (DNSSEC) cryptographically sign DNS records so resolvers can verify their authenticity, protecting against attacks like DNS spoofing; it is vital for internet trust and secure communication.
Domain-based Message Authentication, Reporting and Conformance (DMARC) is a protocol that builds on SPF and DKIM to validate email authenticity, protecting against phishing and email spoofing attacks.
DomainKeys Identified Mail (DKIM) is an email authentication method that detects email spoofing by adding a digital signature to email headers.
Dynamic Application Security Testing (DAST) is a security testing method that exercises a running application to detect vulnerabilities.
Encryption is a cryptographic method of converting plaintext data into ciphertext to prevent unauthorized access to information.
Endpoint Protection Platforms (EPP) secure endpoint devices from cyber threats. Paired with tools like Socket, they provide robust defense for devices and software.
Endpoint security is the practice of safeguarding network entry points, like devices and software, from cyber threats.
Endpoint Threat Detection and Response (ETDR) is a cybersecurity approach focused on continuously monitoring and responding to threats on network-connected devices.
Environment variables are key-value pairs that configure software settings, ensuring flexibility and security by keeping sensitive data out of code.
The European Institute for Computer Antivirus Research (EICAR) is an organization dedicated to advancing antivirus and security research.
An Exploit is a piece of software, data, or command sequence that takes advantage of a vulnerability to cause unintended behavior.
Exploit Prediction Scoring System (EPSS) forecasts the likelihood of a vulnerability being exploited, enabling proactive cybersecurity measures.
eXtended Detection and Response (XDR) is an integrated security approach that aggregates data from various sources for holistic threat analysis.
eXtensible Access Control Markup Language (XACML) is a standard for defining and evaluating access control policies in structured, extensible formats.
External Attack Surface Management (EASM) is the proactive approach to map, monitor, and mitigate threats to an organization's internet-facing assets.
FAIR (Factor Analysis of Information Risk) is a quantitative framework for understanding and assessing information security risks.
Fast IDentity Online (FIDO) is a set of security specs for robust authentication, reducing password reliance through biometrics and hardware tokens.
File Integrity Monitoring (FIM) is a method that checks and reports changes to critical system and application files to ensure data security.
FTP-SSL is a protocol for securely transferring files over a network using encryption provided by SSL/TLS, ensuring data confidentiality and integrity.
A Firewall is a security system that controls incoming and outgoing network traffic based on predetermined security rules.
A "fork" in software development means creating an independent copy of a codebase, allowing parallel development without affecting the original.
The Forum of Incident Response and Security Teams (FIRST) is a global organization that enhances incident response and security by promoting cooperation among various sectors and professionals.
Full Disclosure is the practice of publicly revealing details of a security vulnerability, often after a fix is available.
Full Packet Capture (FPC) is the process of intercepting and storing all data traversing a network for in-depth analysis and threat detection.
Fuzz Testing is a software testing technique that inputs invalid, unexpected, or random data into a program to uncover vulnerabilities and identify potential security flaws.
Galois/Counter Mode (GCM) is an encryption algorithm ensuring both data confidentiality and authenticity, widely adopted in cryptographic standards.
The General Data Protection Regulation (GDPR) is a regulation in EU law that ensures data protection and privacy for individuals, regulating how personal data is processed and transferred.
Git is a distributed version control system used by developers for tracking changes in source code during software development.
GitHub is a web-based platform for version control and collaboration, primarily used for code sharing and development projects.
GnuPG (GNU Privacy Guard) is an open-source tool for secure communication and data encryption, providing data privacy and authentication.
Google Cloud Platform (GCP) Security involves protections for data, applications, and services within the GCP cloud environment.
Governance, Risk, and Compliance (GRC) is a unified approach to managing a company's governance, risk management, and compliance with regulations.
GraphQL is a data query language for APIs, and a runtime for executing those queries, allowing clients to specify exactly what data they need.
Hacking refers to the unauthorized access into computer systems by exploiting vulnerabilities to alter, steal, or disrupt data.
A Hardware Security Module (HSM) is a physical device that securely manages and stores cryptographic keys, safeguarding them from external threats.
Hashing is a process that takes input data of any size and returns a fixed-size string of bytes, used for data integrity and password storage.
The Health Insurance Portability and Accountability Act (HIPAA) is a US law that sets standards for the protection of sensitive patient health information, ensuring privacy and data security.
Heuristic analysis is a cybersecurity technique that detects potential threats by examining data or activities for suspicious behaviors or structures.
A honeypot is a decoy system set up to lure cyber attackers and detect, deflect, or study their actions for future protection.
A Host Intrusion Detection System (HIDS) monitors and analyzes the internals of a computer system to detect malicious activities.
A Host Intrusion Prevention System (HIPS) is a security tool that monitors, analyzes, and prevents malicious activities on individual computer systems.
HTTP Strict Transport Security (HSTS) is a web security policy that enforces the use of HTTPS to secure data transfer, protecting against potential attacks.
Hypertext Transfer Protocol Secure (HTTPS) ensures secure communication between web browsers and websites, protecting data through encryption and authentication.
Identity Access Management (IAM) is a framework ensuring the right users access the right digital resources securely and efficiently.
IAM is a framework for managing digital identities and their access to resources, ensuring the right individuals access the right resources.
Identity Providers (IdPs) manage and store digital identities, ensuring secure user authentication and access to applications and systems.
Incident Response is the organized approach to addressing and managing the aftermath of a security breach or cyberattack.
An Incident Response Playbook is a structured guide detailing procedures for handling cybersecurity breaches, ensuring swift and effective action.
Indicators of Compromise (IoCs) are artifacts typically found on systems that have been or are currently under attack, serving as the telltale signs of a security incident.
Information Security (InfoSec) involves protecting information from unauthorized access, ensuring confidentiality, integrity, and availability.
Infrastructure as Code (IaC) automates the provisioning and management of IT infrastructure using code and software development techniques.
Injection attacks exploit vulnerabilities in software by inserting malicious code, leading to unintended actions.
Input Validation is the practice of verifying the format, length, and type of data to prevent processing of harmful or undesired input.
Insecure Direct Object Reference (IDOR) is a web vulnerability where attackers gain unauthorized access to objects due to weak access controls, risking data exposure and manipulation.
An Insider Threat is a risk posed by individuals within an organization who have access to sensitive information or systems.
Intelligence Preparation of the Environment (IPE) is a systematic method to understand threats, vulnerabilities, and conditions in a system's operational context.
Interactive Application Security Testing (IAST) is a testing method combining static and dynamic analysis, instrumenting applications at runtime to find vulnerabilities and code errors.
The International Information System Security Certification Consortium (ISC)² is a global non-profit focused on advancing information security through certifications.
The Internet Engineering Task Force (IETF) is an international community shaping the architecture and operation of the Internet through technical standards.
Internet Protocol Security (IPsec) is a suite of protocols designed to secure IP communications, ensuring data integrity, authenticity, and confidentiality in networks.
An Intrusion Detection System (IDS) is a device or software application that monitors network or system activities for malicious activity.
An Intrusion Prevention System (IPS) is a network security tool that can identify and prevent known threats by inspecting traffic in real-time.
An Intrusion Protection System (IPS) detects and prevents malicious activities in real-time by monitoring network traffic and blocking potential threats.
IP address blocking is a security measure that prevents specific IP addresses from accessing a network or website.
ISO/IEC 27001 is an international standard that provides a framework for managing and maintaining an organization's information security management system.
JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties for web-based authentication.
Just in Time (JIT) provisioning in SAML dynamically creates user accounts upon first login, streamlining onboarding via Single Sign-On (SSO) services.
Keystroke logging, or keylogging, is a method used by cybercriminals to surreptitiously record a user's keystrokes to gather sensitive information.
The "Kill Chain Model" is a cybersecurity framework that breaks down a cyber attack into sequential stages, aiding in threat detection and defense.
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications across clusters of hosts.
Language security refers to vulnerabilities associated with programming languages and strategies to mitigate potential exploitation.
LDAP injection is an attack exploiting an application's improperly sanitized LDAP queries to manipulate or access data.
The Least Privilege Principle advocates granting minimum necessary access to users, programs, or processes for security purposes.
License compliance is adhering to the terms of software licenses to avoid legal issues and respect developers' rights.
Living off the Land Binary (LOLBIN) refers to attackers exploiting legitimate system binaries for malicious purposes, evading detection.
Local File Inclusion (LFI) is a vulnerability allowing attackers to include files on a server they shouldn't access, potentially leading to data theft or code execution.
Logging and Monitoring involve recording and analyzing system activities to detect anomalies, improve performance, and enhance security.
A maintainer manages and safeguards open source projects, overseeing code merges, releases, and community engagement, ensuring quality and security.
Malware is malicious software designed to cause harm to a user's computer, server, client, or computer network.
A Man-in-the-Middle (MitM) attack is a cybersecurity threat where a malicious actor intercepts and potentially manipulates communication between two systems.
Managed Security Service Providers (MSSPs) offer specialized security services to safeguard organizations' IT environments against cyber threats.
"Manifest confusion" refers to the fact that in the npm ecosystem, a package's manifest and its tarball are published independently.
MTTR (Mean Time to Resolution) is the average time taken to fix failed systems or resolve issues, crucial for system reliability and user trust.
Memory scraping is a cyber-attack method where sensitive data is extracted from a system's active memory.
A merge conflict arises when two code branches in version control have contradictory changes, disrupting a seamless merge.
Message-digest algorithms are cryptographic hash functions that ensure data integrity by producing a unique fixed-size byte string from any input.
Microservices is an architecture style structuring an application as a collection of loosely coupled, independently deployable services.
Microsoft Azure Security refers to the safeguards provided within the Azure cloud service to protect data, applications, and services.
MSTIC is Microsoft's prime security operations center focused on protecting its services, products, and customers from cybersecurity threats.
Minification is the process of compressing code by removing unnecessary characters, improving web performance without changing functionality.
MITRE is a not-for-profit organization offering technical expertise to U.S. agencies, shaping the cybersecurity landscape with initiatives like CVE.
Mobile Device Forensic Tools (MDFTs) are software used to extract, analyze, and report data from mobile devices for investigative purposes.
Multi-Factor Authentication (MFA) is a security method requiring users to provide two or more verification factors to gain access.
Mutual TLS (mTLS) is an enhanced security protocol where both the client and server authenticate each other before encrypted communication.
The National Institute of Standards and Technology (NIST) is a U.S. agency advancing measurement science, standards, and technology for economic security.
NVD is the U.S. government's repository of standards-based vulnerability management data, including CVEs.
Network Access Control (NAC) governs network access based on user/device identity and adherence to security policies.
Network Detection & Response (NDR) is a technology that identifies, analyzes, and mitigates threats within a network in real-time.
A Network Intrusion Detection System (NIDS) monitors network traffic for suspicious activity, alerting administrators to potential threats.
A Network Management System (NMS) is a set of tools for monitoring, managing, and maintaining computer networks, ensuring optimal performance and security.
Network Security involves policies and practices adopted to prevent and monitor unauthorized access, misuse, or denial of a computer network.
A network security policy is a set of rules for protecting a network's infrastructure, defining user access, and mitigating threats.
Network Traffic Analysis (NTA) monitors, captures, and analyzes network data to identify security threats and optimize system performance.
The "Next Generation Cyber Infrastructure" refers to advanced, integrated digital systems ensuring enhanced security, scalability, and efficiency in the tech realm.
Next-generation endpoint security enhances device protection with advanced features, addressing modern cyber threats beyond traditional malware detection.
A Next Generation Firewall (NGFW) is an advanced network security system that goes beyond traditional firewall capabilities to protect against sophisticated threats.
No-Execute (NX) is a technology in processors that marks certain memory sections as non-executable to prevent malicious code execution.
Node modules are reusable blocks of code in Node.js applications, utilized to streamline development and enhance functionality.
Node.js is an open-source, cross-platform JavaScript runtime environment used to develop scalable network applications.
A Notifiable Data Breach (NDB) is when personal data is accessed, disclosed, or lost without authorization, requiring official notification.
npm (Node Package Manager) is the default package manager for Node.js, facilitating the discovery, installation, and management of code packages.
npm audit is a tool in npm CLI that identifies and reports known vulnerabilities in a project's dependency tree.
The npm Registry is an online repository for publishing and managing reusable JavaScript packages.
npm-shrinkwrap.json locks specific dependency versions in npm projects, ensuring consistent installs across setups and environments.
npx is a tool packaged with npm, enabling developers to execute Node.js packages without global installation, streamlining dependency management.
OAuth is an open-standard protocol for secure delegated access, allowing users to share private resources stored on one site with another.
Oblivious DNS over HTTPS (ODoH) enhances online privacy by encrypting DNS queries, ensuring the resolver can't see both the query and requester.
The OSCP is a rigorous certification for ethical hacking, emphasizing hands-on penetration testing skills in real-world scenarios.
One Time Pad (OTP) is a "perfect" encryption system using a truly random key as long as the message, ensuring theoretically unbreakable security.
Open Authorization (OAuth) is a protocol that lets third-party apps access user data without revealing their passwords.
OSCAL is a standardized framework for documenting, assessing, and automating security controls across tech platforms.
Open Source Intelligence (OSINT) is the collection and analysis of information from publicly available sources for intelligence purposes.
Open Source Software (OSS) is software that is freely available, allowing users to view, modify, and distribute its source code without restrictions.
OWASP is a nonprofit dedicated to improving web application security, providing resources like the Top 10 list of most critical security risks.
OWASP Dependency-Check is a tool that identifies known vulnerabilities in a project's dependencies.
OWASP Top 10 is a standard document outlining the most critical security risks to web applications, intended to guide secure development.
OpenID Connect is a simple identity layer on top of OAuth2, allowing clients to verify users' identities based on the authentication by an authorization server.
Operational security (OpSec) is a systematic approach to safeguarding sensitive information from potential adversaries in digital realms.
OASIS is a global consortium that drives the development and adoption of open standards in areas like security, web services, and digital business.
package-lock.json is an auto-generated file by npm, locking exact versions of project dependencies for consistency and security.
package.json is a key file in Node.js projects, housing project metadata, and managing dependencies for efficient setup and execution.
A password policy outlines rules for creating and managing secure passwords, serving as a key defense against unauthorized access.
Patch management is the process of regularly updating and applying software patches to fix vulnerabilities and enhance security.
"Patch Tuesday" refers to the second Tuesday of each month when Microsoft releases software updates to fix known issues.
A Payload is the part of an exploit that performs a malicious action, such as providing unauthorized access or launching a Denial of Service attack.
Payment card data refers to the information on credit, debit, and prepaid cards used for transaction processing.
PCI DSS is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information do so securely.
The Payment Card Industry Security Standards Council (PCI SSC) sets standards to protect card transactions and prevent data theft.
Penetration Testing (PenTest) is a method of evaluating the security of a system by simulating attacks from malicious sources.
The Penetration Testing Execution Standard (PTES) is a framework for performing systematic, thorough, and effective cybersecurity penetration tests.
Perfect Forward Secrecy (PFS) ensures session keys remain secure, even if a long-term key is compromised, protecting past communications.
PIPEDA is Canada's federal privacy law governing the collection, use, and disclosure of personal data in commercial activities.
Phishing is a deceptive practice to obtain sensitive information by masquerading as a trustworthy entity in digital communication.
pip is a package manager for Python, used to install and manage software packages from the Python Package Index (PyPI).
Policy as Code (PaC) is the practice of writing and enforcing IT and security policies as code, ensuring consistent and automated compliance.
Postinstall scripts automatically run after a package is installed, aiding setup but posing potential security risks in open source software.
Potentially Unwanted Programs (PUPs) are software that installs without clear consent, often being intrusive or unnecessary, posing security risks.
PGP is a cryptographic method for securing digital communications, using a combination of symmetric and asymmetric encryption, and allowing message authentication through digital signatures.
Privilege Escalation is a security exploit where a user gains elevated access levels, such as administrative privileges, often through system flaws.
Privileged Access Management (PAM) controls and monitors access to critical system components, ensuring only authorized users can execute specific tasks.
Attack Simulation & Threat Analysis involve mimicking cyberattacks to test defenses and evaluating potential threats for proactive security.
Public Key Infrastructure (PKI) is a system for creating, storing, distributing, and revoking digital certificates to enable secure communications.
A pull request (PR) is a proposal to change a codebase, offering a platform for collaborative review, ensuring code quality and security.
Python is a high-level, interpreted programming language, renowned for its readability, simplicity, and wide range of applications.
PyPI, or Python Package Index, is a repository of software packages for the Python programming language used by developers worldwide.
A rainbow table is a precomputed table for reversing cryptographic hash functions, often used to crack password hashes.
Ransomware is malicious software that encrypts a victim's data, demanding a ransom for its decryption and access restoration.
Ransomware as a Service (RaaS) is a business model where cybercriminals rent out ransomware tools to other criminals, facilitating easier cyber attacks.
Rapid Threat Response (RTR) is the swift identification, mitigation, and resolution of cybersecurity threats to reduce potential damage.
Rate limiting is a technique to control the amount of incoming or outgoing traffic a network or a service can handle within a time period.
A readme.md is a documentation file in repositories, offering essential info about a project, its setup, usage, contribution guidelines, and more.
A Red Team is a group that challenges an organization to improve its effectiveness by simulating potential adversaries.
Remote Access Trojans (RATs) are malware that provide unauthorized control over a victim's computer, often for data theft or surveillance.
Remote Code Execution (RCE) is a vulnerability that allows an attacker to execute arbitrary commands or code on a victim's system remotely.
Remote Desktop Protocol (RDP) is a Microsoft protocol enabling remote computer access over a network connection.
Repojacking is a cyber attack where perpetrators hijack a software repository to inject malicious code into open-source packages.
A repository, or "repo", is a storage location for software code and assets, aiding in version control and collaboration in software development.
Representational State Transfer (REST) is an architectural style for building web services using standard HTTP methods for interaction.
requirements.txt is a Python file that lists project dependencies to ensure consistent setup across different environments.
Responsible Disclosure is a process where vulnerabilities found in software are privately reported to the vendor before public release.
Return pointers are addresses returned by functions, pointing to variable locations in memory, offering efficiency but posing potential security risks.
Return-oriented Programming (ROP) is an exploitation technique that uses existing code snippets in an application to bypass modern security defenses.
Reverse Engineering is the process of disassembling a product/software to understand its components, functionality, and underlying structure.
Risk Assessment is the process of identifying, evaluating, and prioritizing potential risks to determine their likelihood and potential impact on an organization or project.
The Risk Management Framework (RMF) is a process for identifying, assessing, and managing cybersecurity risks in an organization.
The Rivest–Shamir–Adleman (RSA) cryptosystem is a widely-used public-key encryption method based on the math of large prime numbers.
Role-Based Access Control (RBAC) is a security approach that restricts system access based on predefined roles assigned to users, simplifying permission management.
A rootkit is a stealthy type of malware that grants unauthorized access and control over a system, often hiding its presence.
ROT13 is a simple substitution cipher that shifts letters 13 places in the alphabet, used to obscure text online.
RASP is a security technology that detects and mitigates attacks on applications in real-time, from within the app's runtime environment.
"Safety" in Python packages refers to the absence of security vulnerabilities, ensuring secure and reliable open-source code usage.
Salt is a random data added into a hash function to prevent identical inputs from generating the same hash, enhancing security.
A sandbox is a secure, isolated environment where programs can be tested or run without affecting the rest of the system or network.
A sandbox environment is an isolated space for safe testing and analysis of code or software, preventing risks to production systems.
The Sarbanes-Oxley Act (SOX) is a US regulation from 2002 designed to improve corporate governance and ensure accurate financial reporting.
The saved frame pointer marks a function's position in the call stack, aiding in memory management and ensuring organized software execution.
Secret Management is the process of safeguarding digital credentials like API keys and passwords to ensure secure access to sensitive resources.
Secrets as a Service offers centralized cloud-based management and storage of sensitive data like API keys, ensuring access only by authorized entities.
Secure Access Service Edge (SASE) is a unified cloud model merging network functions and security services for enhanced enterprise protection.
Secure Coding Practices involve guidelines and procedures to prevent the introduction of security vulnerabilities during software development.
Secure computing ensures computer systems and data are safeguarded against unauthorized access and malicious threats.
Secure Development Lifecycle (SDLC) is a framework that incorporates security considerations into each phase of the software development process.
SFTP is a network protocol that provides secure, reliable file transfers over an unsecured network using SSH encryption.
The Secure Hash Algorithm (SHA) is a cryptographic method to ensure data integrity through unique, fixed-size hash values for given inputs.
Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network.
Secure Sockets Layer (SSL) is a deprecated protocol designed to secure communications over a network by using encryption, superseded by TLS.
The Secure Software Development Lifecycle (SSDLC) integrates security best practices into every phase of software development, from inception to decommissioning.
Security Advisory is a communication on a security vulnerability identified in a system, and how to fix or mitigate it.
Security as Code is the practice of integrating security measures and processes into the software development lifecycle, enabling automated security checks and ensuring secure code and deployments.
SAML is a standard for exchanging authentication and authorization data between parties, enhancing web application security.
A Security Baseline is a set of standards and controls serving as a minimum level of security to protect IT assets.
Security by Design is a proactive approach to software development where security is integral from the design phase, not an afterthought.
The Security Content Automation Protocol (SCAP) is a standardized suite for automating vulnerability and security configuration assessments.
Security Headers are HTTP response headers that, when configured properly, can enhance the security of a web application against attacks.
A Security Incident is an event that leads to a compromise in the integrity, availability, or confidentiality of an information system.
SIEM (Security Incident & Event Management) consolidates and analyzes security data, facilitating early threat detection and swift incident response.
Security Information and Event Management (SIEM) is a set of tools for managing, analyzing, and reporting on security event data in real-time.
An Information Security Management System (ISMS) is a structured approach to managing and safeguarding company information against cyber threats.
Security Misconfiguration occurs when a system's security settings are defaulted, outdated or improperly set up, exposing it to threats.
A Security Operations Center (SOC) is a team that monitors and improves an organization's cybersecurity, detecting and responding to incidents.
Security Orchestration & Response (SOAR) streamlines security operations using automation, enhancing threat management and incident response.
SOAR is a stack of solutions that enables automated response and threat management, improving efficiency of security operations.
Security posture refers to the overall strength of a system's security measures, including policies, controls, and practices, to protect against vulnerabilities and threats.
Security Response Automation (SRA) streamlines and automates the process of detecting, assessing, and responding to cybersecurity threats.
Security risk refers to potential threats that can compromise the confidentiality, integrity, and availability of digital data or systems.
Security Services Edge (SSE) is a cloud-native framework ensuring secure access to applications from any location.
A Security Technical Implementation Guide (STIG) is a framework providing detailed guidance on configuring systems and software securely.
A Security Token is a digital identifier used to authenticate and authorize users or processes in software systems.
A Self-Assessment Questionnaire (SAQ) is a tool used by organizations to evaluate and improve their software's security posture.
Semantic Versioning (SemVer) is a versioning scheme for software that reflects changes in a format of MAJOR.MINOR.PATCH.
Sender Policy Framework (SPF) is an email authentication method to prevent spoofing by verifying if emails come from authorized servers.
SSRF is a vulnerability that lets attackers manipulate server requests to access unauthorized resources.
Serverless Architecture is a computing model where cloud providers dynamically manage resources, allowing developers to focus on code.
Session hijacking is exploiting a valid computer session to gain unauthorized access or control over a system or network.
setup.py is a Python script used for distributing Python packages, handling dependencies, and facilitating easy installation and sharing of code.
setuptools is a Python tool that facilitates packaging, distributing, and installing software, ensuring code is easily shared and implemented.
The Sherwood Applied Business Security Architecture (SABSA) is a framework for enterprise security that aligns with business goals and objectives.
Single Sign-On (SSO) is an authentication process allowing users to access multiple services with a single set of login credentials.
The Social Engineering Toolkit (SET) is a collection of tools designed to simulate and test against social engineering cyber attacks.
The Software Assurance Maturity Model (SAMM) is a framework for assessing and enhancing the security and reliability of software processes.
Software Bill of Materials (SBOM) is a comprehensive inventory listing of all components and dependencies used in a software application.
Software Composition Analysis (SCA) is the practice of identifying and managing open source and third-party components used in software to detect vulnerabilities and ensure license compliance.
SCA focuses on analyzing open-source components in software for vulnerabilities, ensuring secure software development by mitigating risks.
SD-WAN is a modern network approach that optimizes multi-site connectivity, prioritizing flexibility, cost-efficiency, and enhanced security.
The Software Development Lifecycle (SDLC) is a structured process guiding the development of software from conception to retirement.
Software Integrity is the degree to which software is free from flaws, performs its intended functions accurately, and is trustworthy.
Source Composition Analysis (SCA) evaluates software components to identify third-party content, ensuring security and license compliance.
Spear phishing is a targeted phishing attack aimed at a specific individual or organization to steal sensitive information.
STRIDE is a threat model classifying security threats: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
Spyware is a type of malicious software that secretly collects user data and activity without their knowledge or consent.
SQL Injection is a code injection technique where an attacker can execute malicious SQL queries that control a web application's database.
An SSH Key is a cryptographic tool for secure remote access and encrypted communication in the SSH protocol.
The Stack Smashing Protector (SSP) is a compiler feature designed to prevent buffer overflow attacks by using a "canary" value on the stack.
Stakeholder-Specific Vulnerability Categorization classifies software vulnerabilities based on the risks they pose to different stakeholders.
The "Statement of Applicability (SoA)" is a strategic document detailing and justifying an organization's chosen security controls.
SARIF is an open standard for output format of static analysis tools, ensuring consistent, integrated results.
Static Application Security Testing (SAST) is a method of analyzing source code for vulnerabilities without executing the application.
A Stock Keeping Unit (SKU) is a unique code assigned to products, aiding businesses in tracking inventory and managing sales efficiently.
SWOT Analysis evaluates Strengths, Weaknesses, Opportunities, and Threats to strategize for enhanced application security.
STIX is a standardized format for sharing cyber threat intelligence, enabling interoperable communication of threat data across security tools.
Sub-resource Integrity (SRI) is a browser feature ensuring web assets like JavaScript & CSS haven't been tampered with, using cryptographic hashes.
Supply Chain Attacks compromise software or services at the source, affecting downstream users. They are rising due to increased OSS usage and advanced cyber tactics.
Supply Chain Security refers to efforts to enhance the security of supply chain systems, mitigating risks from manufacture to delivery.
The "Supply-Chain Levels for Software Artifacts" refers to stages and components in software's creation, modification, and delivery, ensuring its security.
SysAdmin, Audit, Network, and Security are pillars of IT ensuring smooth operation, compliance, connectivity, and protection of digital infrastructure.
System and Organization Controls (SOC) are reports evaluating a company's internal controls, ensuring data protection and operational integrity.
SCIM (System for Cross-domain Identity Management) is a standard for automating and synchronizing user identity data across diverse platforms.
Tactics, Techniques, and Procedures (TTPs) describe the methods and patterns adversaries use in cyberattacks.
TOGAF is a methodology for improving business efficiency through the design, planning, implementation, and governance of an enterprise's information architecture.
Third-Party Risk Management is the process of identifying and mitigating risks associated with outsourcing to third-party vendors.
Threat intelligence is the collection and analysis of information about potential digital threats to predict and counteract cyberattacks.
A Threat Intelligence Platform (TIP) collects, organizes, and analyzes real-time data on potential cyber threats to enhance security.
Threat modeling is a process of identifying, evaluating, and prioritizing potential threats to a system or organization's security in order to implement effective safeguards.
Tokenization is a security technique that replaces sensitive data with non-sensitive tokens, reducing the risk of data breaches.
The Traffic Light Protocol (TLP) is a set of guidelines for secure data sharing, using color-coded labels to indicate dissemination constraints.
The Transport Layer in the OSI model manages data transmission, providing reliable, ordered, and error-checked delivery of packets.
Transport Layer Security (TLS) is a cryptographic protocol providing secure communications over a network, often used in web browsers.
The Trusted Platform Module (TPM) is a dedicated microprocessor designed to enhance hardware security through integrated cryptographic keys.
TDEA (Triple DEA) is a cryptographic method that applies the DES algorithm three times to enhance data encryption security.
A Trojan horse is a malicious program disguised as benign software, used to infiltrate systems and execute harmful actions.
TAXII is a protocol for securely and automatically exchanging cyber threat intelligence among organizations.
Twine is a tool for securely uploading Python packages to the Python Package Index (PyPI).
Two-Factor Authentication (2FA) is a security process that requires two methods of identity verification before granting access.
Two-Person Integrity (TPI) is a security measure requiring dual approval for critical actions to prevent unauthorized or harmful changes.
Universal Two Factor (U2F) is a robust authentication standard using physical tokens to enhance digital security against breaches and phishing.
User Access Control (UAC) is a security measure ensuring users only access authorized resources in computing environments.
UEBA leverages machine learning to detect abnormal behaviors of users and entities in cybersecurity, offering dynamic protection against threats.
User Behavior Analytics (UBA) is a cybersecurity approach that identifies abnormal user activities to detect potential security threats.
Version control is a system that tracks changes to files over time, enabling specific versions to be recalled later.
A Python virtual environment is an isolated workspace for managing project-specific dependencies, avoiding conflicts between projects.
A Virtual Machine (VM) is a software emulation of a computer that runs an operating system and applications like a physical computer.
A Virtual Private Network (VPN) extends a private network across a public network, enabling users to send and receive data securely.
Virtualization security refers to the measures taken to protect virtual environments, like virtual machines and servers, from cyber threats.
Vulnerability refers to a weakness in a software system that can be exploited by attackers to compromise its security.
Vulnerability Management is the proactive process of identifying, assessing, prioritizing, and mitigating security vulnerabilities in a system or network.
A Web Application Firewall (WAF) is a security measure that filters, monitors, and blocks HTTP traffic to and from a web application.
A Webhook is a method of augmenting or altering the behavior of a web page with custom callbacks for real-time data updates.
Webpack is a module bundler for JavaScript, streamlining code into compact, browser-ready files.
The Python Wheel is a pre-compiled packaging standard, ensuring faster, consistent, and easy-to-use distribution of Python software.
Whitelisting is a security practice where only pre-approved and specified systems, applications, or users are granted access privileges.
Wired Equivalent Privacy (WEP) is an outdated security algorithm for Wi-Fi networks, known for its vulnerabilities.
A worm is a type of malware that self-replicates and spreads independently, causing harm by exploiting network vulnerabilities.
XML External Entity (XXE) is an attack exploiting XML parsing, allowing unauthorized access to data or system operations.
An XML External Entity (XXE) attack exploits XML processing in a web application, leading to data exposure or server compromise.
Yarn is a fast, reliable, and secure package manager for JavaScript, enhancing dependency management and project workflow.
A Zero-Day Vulnerability is a software flaw unknown to those who should be interested in its mitigation, often exploited before detection.